#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
DevSecOps

Colonial Pipeline | Breaking Cybersecurity News | The Hacker News

Category — Colonial Pipeline
U.S. Proposes $1 Million Fine on Colonial Pipeline for Safety Violations After Cyberattack

U.S. Proposes $1 Million Fine on Colonial Pipeline for Safety Violations After Cyberattack

May 10, 2022
The U.S. Department of Transportation's Pipeline and Hazardous Materials Safety Administration (PHMSA) has proposed a penalty of nearly $1 million to Colonial Pipeline for violating federal safety regulations, worsening the impact of the ransomware attack last year. The $986,400 penalty is the result of an inspection conducted by the regulator of the pipeline operator's control room management ( CRM ) procedures from January through November 2020. The PHMSA  said  that "a probable failure to adequately plan and prepare for manual shutdown and restart of its pipeline system [...] contributed to the national impacts when the pipeline remained out of service after the May 2021 cyberattack." Colonial Pipeline, operator of the largest U.S. fuel pipeline, was forced to temporarily take its systems offline in the wake of a  DarkSide ransomware attack  in early May 2021, disrupting gas supply and prompting a  regional emergency declaration  across 17 states. ...
U.S. Recovers $2.3 Million Ransom Paid to Colonial Pipeline Hackers

U.S. Recovers $2.3 Million Ransom Paid to Colonial Pipeline Hackers

Jun 08, 2021
In a major blow, the U.S. Department of Justice on Monday said it has recovered 63.7 bitcoins (currently valued at $2.3 million) paid by Colonial Pipeline to the DarkSide ransomware extortionists on May 8, pursuant to a seizure warrant that was authorized by the Northern District of California. The  ransomware attack  also hobbled the pipeline company's fuel supply, prompting the government to issue an  emergency declaration , even as the company shelled out a ransom amount of approximately  75 bitcoins  ($4.4 million as of May 8) to regain access to its systems. A week after the highly publicized incident, the ransomware-as-a-service syndicate disbanded with a May 14 farewell message to affiliates, stating that its internet servers and cryptocurrency stash were  seized  by unknown law enforcement entities. While DarkSide's announcement was perceived as an exit scam, the latest move from DoJ confirms earlier speculations of law enforcement involvem...
Protecting Your Software Supply Chain: Assessing the Risks Before Deployment

Protecting Your Software Supply Chain: Assessing the Risks Before Deployment

Feb 11, 2025Software Security / Threat Intelligence
Imagine you're considering a new car for your family. Before making a purchase, you evaluate its safety ratings, fuel efficiency, and reliability. You might even take it for a test drive to ensure it meets your needs. The same approach should be applied to software and hardware products before integrating them into an organization's environment. Just as you wouldn't buy a car without knowing its safety features, you shouldn't deploy software without understanding the risks it introduces. The Rising Threat of Supply Chain Attacks Cybercriminals have recognized that instead of attacking an organization head-on, they can infiltrate through the software supply chain—like slipping counterfeit parts into an assembly line. According to the 2024 Sonatype State of the Software Supply Chain report , attackers are infiltrating open-source ecosystems at an alarming rate, with over 512,847 malicious packages detected last year alone—a 156% increase from the previous year. Traditional sec...
Hackers Breached Colonial Pipeline Using Compromised VPN Password

Hackers Breached Colonial Pipeline Using Compromised VPN Password

Jun 07, 2021
The ransomware cartel that masterminded the  Colonial Pipeline attack  early last month crippled the pipeline operator's network using a compromised virtual private network (VPN) account password, the latest investigation into the incident has revealed. The development, which was  reported  by Bloomberg on Friday, involved gaining an initial foothold into the networks as early as April 29 through the VPN account, which allowed employees to access the company's networks remotely. The VPN login — which didn't have multi-factor protections on — was unused but active at the time of the attack, the report said, adding the password has since been discovered inside a batch of leaked passwords on the dark web, suggesting that an employee of the company may have reused the same password on another account that was previously breached. It's, however, unclear how the password was obtained, Charles Carmakal, senior vice president at the cybersecurity firm Mandiant, was quote...
cyber security

Level Up Your Cyber Skills at SANS 2025

websiteSANS InstituteCyber Security / Training
Master in-demand techniques at our largest training event in 2025. Explore 50+ courses. Train in person to claim your $769 savings!
Expert Insights / Articles Videos
Cybersecurity Resources